When a burglar chooses a house to break into, he scours the local neighborhoods looking for the home with the most lax security features. Overgrown shrubbery, no bars on the windows, no security sign in the front yard — these are some of the signs that it will be easy to get into and out of an unguarded home.

Cyber Criminals Look for the Easiest Targets, Just Like Burglars of a Physical Nature

Why hassle with rigorous security measures if you don’t have to? Criminals won’t bother with the toughest security features when easier prey is available. You just need to make sure you aren’t the easiest target out there.

Cyber criminals look for signs of a lack of security too. They look for networks that don’t use smart monitoring at the device and level, don’t employ smart user authentication, and don’t have mobile device management plans in place. Here, they can sneak in undetected and have a field day, stealing data and corrupting systems at will. Criminals are good at choosing the path of least resistance, so you don’t necessarily need impenetrable security; you just need better security than the next potential target. Will you be the home with the bars on the windows, or the one left unprotected?

Don’t Automatically Trust Devices on the Network

There are basically three schools of thought when it comes to protecting a network, especially in an environment in which mobile devices are in play. The first school blocks access only from devices, applications, or users that are known to be a threat. As threats are identified (such as tell-tale signs that a bot is attempting to log in), they are blocked, but all other devices and users are allowed access. This means that any threat not yet identified is allowed access, and significant damage can be done in the interim.

The second school allows access to all devices and users that aren’t known threats, but monitors everything that those users and devices are up to. In other words, until a device proves to be problematic, it’s allowed access. This is obviously much better than the first way of approaching security, and hampers productivity less than the third and final school.

Lastly, some network security specialists require that every user and every device be authenticated before being allowed access to any system on the network. While this is obviously the most secure approach, it also means that a lot of legitimate users are blocked and need help from IT to gain access (which is time-consuming and costly), and their productivity is halted in the meantime.

Assume Users Will Click on Everything

The key is to find a happy middle ground between locking users down, which hinders their productivity, and allowing access to every intruder who happens along.

Aside from taking a proactive approach to network access, you’ll need to take a proactive approach to systems design. Assume that some user somewhere will click on everything eventually, finding lots of things they’re not supposed to access. Don’t assume that all users will follow the paths you establish to do what they need to do. This is even more true when mobile devices are using your systems, because it is quite easy to tap something by accident with an errant touch of a finger. Design systems so that users can access only what they are meant to see, and assign each user the level of access needed to alter only what they have a legitimate reason to change, per their job description.

Varun Kohli is Vice President of Marketing at Skycure. Varun has held executive/leadership positions in marketing, product management and product development at both startups and large companies, and is on the advisory board of many startups. In the past, Varun has been a crucial part of multiple successful exits such as IronPort Systems (acquired by Cisco), CipherTrust (acquired by Secure Computing/McAfee/Intel) and most recently ArcSight, which was acquired by HP after going IPO in 2009. Varun earned his Bachelor of Technology in Computer Science from the Indian Institute of Technology, and his Master of Science in Computer Science from the University of California.